
Daily Cybersecurity Roundup, July 23, 2024

In the wake of the recent CrowdStrike outage, cybercriminals swiftly capitalized on the situation, using the Falcon sensor issue as a lure to distribute malware to CrowdStrike customers in the LATAM region. In other news, the Daggerfly cyber-espionage group deployed new malware versions to attack Taiwanese organizations and a U.S. NGO in China. Gamers, stay alert! Threat actors are using fake GTA VI beta ads on Facebook to redirect users to a malicious domain. Read on for more cybersecurity updates.

01

Cybercriminals abused the CrowdStrike Falcon sensor issue as a lure, distributing a malicious ZIP archive posing as a fix for the outage. The archive carried a HijackLoader payload that in turn loaded the RemCos remote access tool, and the campaign targeted CrowdStrike customers in LATAM. The sensor itself was not exploited; the outage simply provided the pretext.

02

The Daggerfly threat group has been found deploying new malware versions, including a new malware family built on the MgBot modular framework and an updated version of the Macma macOS backdoor, in cyber-espionage attacks on Taiwanese organizations and a U.S. NGO in China.

03

Researchers have discovered FrostyGoop, a new ICS malware that interacts directly with industrial devices over Modbus TCP. It was used against an energy company in Lviv, Ukraine, cutting heating services to more than 600 apartment buildings for almost 48 hours.
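Because Modbus TCP has no authentication, any host that can reach a controller can read or write its registers, which is what makes malware that speaks the protocol directly so dangerous. The following is an added example, not code from Dragos or from FrostyGoop, showing the detection logic a practitioner would put on a network sensor: parse Modbus TCP frames (MBAP header plus PDU, per the public Modbus specification) and alert on any state-changing function code that does not originate from an approved HMI or engineering workstation. The IP addresses, the approved-writer set and the register addresses and values in the sample capture are constructed for illustration; the page does not say which registers FrostyGoop touched.

```python
import struct
from dataclasses import dataclass

# Standard Modbus function codes from the public specification.
# Writes change device state; reads are reconnaissance at most.
WRITE_FUNCTION_CODES = {
    5: "Write Single Coil",
    6: "Write Single Register",
    15: "Write Multiple Coils",
    16: "Write Multiple Registers",
}


@dataclass
class ModbusFrame:
    src: str
    dst: str
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes  # PDU bytes after the function code


def parse_modbus_tcp(src, dst, payload):
    """Parse one Modbus/TCP request: 7-byte MBAP header followed by the PDU."""
    if len(payload) < 8:
        raise ValueError("too short for MBAP header plus function code")
    tid, proto, length, unit_id, fc = struct.unpack(">HHHBB", payload[:8])
    if proto != 0:
        raise ValueError("MBAP protocol identifier must be 0 for Modbus")
    # The length field counts the unit identifier plus the PDU that follow it.
    if length != len(payload) - 6:
        raise ValueError("MBAP length does not match payload size")
    return ModbusFrame(src, dst, tid, unit_id, fc, payload[8:])


def decode_write(frame):
    """Extract target address and written values for the common write codes."""
    d = frame.data
    if frame.function_code == 5:  # coil address + 0xFF00 (on) / 0x0000 (off)
        addr, val = struct.unpack(">HH", d[:4])
        return {"address": addr, "values": [1 if val == 0xFF00 else 0]}
    if frame.function_code == 6:  # register address + one 16-bit value
        addr, val = struct.unpack(">HH", d[:4])
        return {"address": addr, "values": [val]}
    if frame.function_code == 16:  # address, quantity, byte count, N x 16-bit values
        addr, qty, nbytes = struct.unpack(">HHB", d[:5])
        return {"address": addr, "values": list(struct.unpack(">%dH" % qty, d[5:5 + nbytes]))}
    if frame.function_code == 15:  # address, quantity, byte count, packed coil bits (LSB first)
        addr, qty, nbytes = struct.unpack(">HHB", d[:5])
        return {"address": addr, "values": [(d[5 + i // 8] >> (i % 8)) & 1 for i in range(qty)]}
    return {"address": None, "values": []}


def detect_unauthorized_writes(frames, allowed_writers):
    """Alert on every state-changing request whose source is not an approved writer."""
    alerts = []
    for f in frames:
        if f.function_code in WRITE_FUNCTION_CODES and f.src not in allowed_writers:
            info = decode_write(f)
            alerts.append({
                "src": f.src, "dst": f.dst, "unit_id": f.unit_id,
                "function": WRITE_FUNCTION_CODES[f.function_code],
                "address": info["address"], "values": info["values"],
            })
    return alerts


def build_frame(tid, unit_id, fc, data):
    """Assemble a Modbus/TCP request; used only to construct the sample traffic below."""
    pdu = bytes([fc]) + data
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit_id) + pdu


# Constructed sample capture: (source IP, destination IP, TCP payload). Hosts and values
# are made up for illustration and are not taken from any real incident.
SAMPLE_CAPTURE = [
    ("10.0.0.5", "10.0.1.20", build_frame(1, 1, 3, struct.pack(">HH", 0, 10))),  # HMI polls 10 holding registers
    ("10.0.0.5", "10.0.1.20", build_frame(2, 1, 16, struct.pack(">HHB", 100, 2, 4) + struct.pack(">HH", 50, 60))),  # HMI setpoint write
    ("10.0.9.99", "10.0.1.20", build_frame(3, 1, 6, struct.pack(">HH", 100, 0))),  # unknown host zeroes a setpoint
]
KNOWN_HMIS = {"10.0.0.5"}  # assumed allowlist of hosts permitted to write


def run_sample():
    frames = [parse_modbus_tcp(src, dst, raw) for src, dst, raw in SAMPLE_CAPTURE]
    return detect_unauthorized_writes(frames, KNOWN_HMIS)


if __name__ == "__main__":
    for a in run_sample():
        print("ALERT: %(src)s -> %(dst)s unit %(unit_id)d %(function)s "
              "addr=%(address)d values=%(values)s" % a)
```

On a real network the frames would come from a capture or a span port rather than the constructed list, and the allowlist would be the documented set of HMIs and engineering workstations; anything else issuing function codes 5, 6, 15 or 16 to a controller is worth an immediate alert, since a legitimate operator station rarely appears out of nowhere.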

04

Two vulnerabilities in LangChain have been identified: a server-side request forgery flaw (CVE-2023-46229) in its recursive URL loader that could have allowed attackers to reach internal resources and access sensitive data, and a prompt-injection flaw (CVE-2023-44467) in the experimental PALChain that could have allowed arbitrary code execution.
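A loader that follows links found in fetched content is a classic SSRF surface: a crawled page can point the server at loopback services, RFC 1918 hosts or the cloud metadata endpoint. The following is an added example, not LangChain's code or the fix for CVE-2023-46229, of the guard a practitioner would put in front of such a loader. It keeps links on the crawl root's origin and, as a second layer, refuses any host that resolves to a non-global address, which also catches the case where the root name itself points at internal space. The crawl root, the link list, the fake DNS table and the IP addresses are constructed so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlparse

ALLOWED_SCHEMES = ("http", "https")


def default_resolver(host):
    """Live DNS lookup; the sample below injects a fake table instead."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_safe_link(root_url, link, resolver=default_resolver):
    """Return (ok, reason) for a link discovered in content fetched from root_url."""
    root = urlparse(root_url)
    target = urlparse(urljoin(root_url, link))  # relative links resolve against the root
    if target.scheme not in ALLOWED_SCHEMES:
        return False, "scheme %r not allowed" % target.scheme
    # Layer 1: same origin as the crawl root (scheme, host and port).
    same_origin = (
        target.scheme == root.scheme
        and target.hostname is not None
        and target.hostname.lower() == (root.hostname or "").lower()
        and target.port == root.port
    )
    if not same_origin:
        return False, "origin %s://%s differs from crawl root" % (target.scheme, target.hostname)
    # Layer 2: every address the host resolves to must be globally routable.
    # is_global is False for loopback, RFC 1918, link-local (169.254.169.254),
    # CGNAT, multicast and reserved space.
    try:
        addrs = resolver(target.hostname)
    except socket.gaierror as exc:
        return False, "cannot resolve %s: %s" % (target.hostname, exc)
    if not addrs:
        return False, "%s has no addresses" % target.hostname
    for addr in addrs:
        if not ipaddress.ip_address(addr).is_global:
            return False, "%s resolves to non-public address %s" % (target.hostname, addr)
    return True, "ok"


def filter_links(root_url, links, resolver=default_resolver):
    """Partition discovered links into (followable, rejected) lists with reasons."""
    allowed, rejected = [], []
    for link in links:
        ok, reason = is_safe_link(root_url, link, resolver)
        (allowed if ok else rejected).append((link, reason))
    return allowed, rejected


# Constructed sample: links "found" in a page fetched from the crawl root, plus a fake
# DNS table so the check runs offline. Hostnames and addresses are illustrative only.
CRAWL_ROOT = "https://docs.example.com/"
SAMPLE_LINKS = [
    "/guide/page2",                              # relative, same origin
    "https://docs.example.com/api",              # absolute, same origin
    "http://docs.example.com/api",               # scheme downgrade: different origin
    "http://169.254.169.254/latest/meta-data/",  # cloud metadata endpoint
    "http://localhost:8080/admin",               # loopback service
    "file:///etc/passwd",                        # local file
    "https://evil.example.net/",                 # unrelated external site
]
FAKE_DNS = {
    "docs.example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "evil.example.net": ["198.51.100.7"],
}


def fake_resolver(host):
    return FAKE_DNS.get(host, [])


def run_sample(resolver=fake_resolver):
    return filter_links(CRAWL_ROOT, SAMPLE_LINKS, resolver)


if __name__ == "__main__":
    allowed, rejected = run_sample()
    for link, _ in allowed:
        print("FOLLOW  ", link)
    for link, reason in rejected:
        print("REJECT  ", link, "-", reason)
```

The resolution check is only meaningful if the fetch then connects to the address that was checked; a DNS answer can change between check and request (rebinding), so a production loader should resolve once and pin the connection to that IP, or use an HTTP client that lets it do so.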

05

ESET researchers discovered a zero-day exploit targeting Telegram for Android, dubbed EvilVideo. It allowed attackers to send malicious Android payloads that appeared as ordinary video files to users running unpatched versions of Telegram.

06

RA World, formerly known as RA Group, has intensified multi-extortion attacks on the healthcare and manufacturing sectors using a new Babuk ransomware variant, with possible ties to the Chinese threat group BRONZE STARLIGHT.

07

Threat actors have been exploiting anticipation for the upcoming GTA VI release by using malicious Facebook ads to promote fake beta versions, targeting European users and redirecting them to a malicious domain hosting an Ethereum scam.

08

In a sophisticated e-commerce attack, threat actors kept a credit card skimmer persistent on a Magento site by hiding it in a swap file, and evaded detection by hooking into session data.

09

Israeli cloud security company Wiz is staying the course with its initial plan to pursue an IPO, rejecting a potential $23 billion acquisition offer from Google’s parent company, Alphabet.

10

Heeler Security, an application security startup, raised $8.5 million in seed funding, led by Norwest Venture Partners with additional support from Storm Ventures.
